90509 matches found
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the possibility of circumventing access control mechanisms, allowing unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the possibility of circumventing access control mechanisms. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...
The vulnerability of the QueryRGBBufferSizeInternal() function in the OpenImageIO library allows a hacker to cause a service failure.
The vulnerability of the QueryRGBBufferSizeInternal function in the OpenImageIO library is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the SwapRGBABytes() function in the OpenImageIO library, which allows a hacker to cause a service failure.
The vulnerability of the SwapRGBABytes function in the OpenImageIO library is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the neutralizeArraySpeciesBatch method in the NPM package manager’s vm2 library allows a hacker to execute arbitrary code.
The vulnerability of the neutralizeArraySpeciesBatch method in the NPM package manager’s vm2 library is related to the disclosure of information in the error-prone data area. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Prisma Browser browser in macOS operating systems stems from improper protection of the alternate path, allowing attackers to bypass security restrictions and execute arbitrary commands.
The vulnerability of the Prisma Browser browser in macOS operating systems is related to improper protection of the alternative path. Exploiting this vulnerability allows an attacker to bypass security restrictions and execute arbitrary commands...
The vulnerability of the Grafana monitoring and surveillance platform, related to the re-writing of access control lists, allows a violator to increase their privileges.
The vulnerability of the Grafana monitoring and observation platform lies in the reimporting of access control lists due to data import from the monitoring panel. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the built-in macro $__timeGroup in the Grafana monitoring and observation platform allows a hacker to trigger a service failure.
The vulnerability of the $timeGroup macro built into the Grafana monitoring and observation platform involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the virtual machine on Palo Alto Networks’ Cortex XDR Broker VM, a cloud-based security platform, stems from insufficient validation of input data. This allows attackers to execute arbitrary code.
The vulnerability of the virtual machine on the cloud security platform of Palo Alto Networks Cortex XDR Broker VM is related to insufficient validation of input data during the processing of certificate and key fields. Exploiting this vulnerability can allow attackers to execute arbitrary code...
The vulnerability of the IKEv2 VPN server implementation in the operating system PAN-OS allows a perpetrator to cause a service failure.
The vulnerability of the IKEv2 VPN server implementation in the PAN-OS operating system is related to insufficient validation of requests on the server side. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...
The vulnerability of the graphics processors in Google Chrome and Microsoft Edge allows a hacker to gain unauthorized access to protected information.
The vulnerability of Google Chrome and Microsoft Edge web browsers relates to the use of uninitialized variables. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HTML page...
The vulnerability of the Views component in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the Views component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code through a specially created HTML page...
The vulnerability of the “Network” control element in Google Chrome and Microsoft Edge browsers allows a hacker to replace the user interface.
The vulnerability of the “Network” control element in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to replace the user’s interface with a specially created HTML page...
The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge browsers allows a hacker to gain unauthorized access to protected information.
The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge stems from insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HTML page...
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to shortcomings in the mechanism for limiting input data. This allows attackers to trigger service failures.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to shortcomings in the mechanism for limiting the amount of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the lack of authentication, allows a perpetrator to compromise the integrity of the protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of authentication. Exploiting this vulnerability allows a malicious actor to potentially compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability can allow an intruder, operating remotely, to gain unauthorized access to protected informatio...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows attackers to compromise the integrity of the protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability allows an attacker to remotely compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the lack of protective measures taken against the user-controlled structure of web pages. This allows attackers to execute arbitrary code.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the NPM package manager vm2 library allows a hacker to execute arbitrary code.
The vulnerability of the NPM packet manager’s vm2 library is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Craft CMS content management system, related to the use of a signal processor for an non-interactive function, allows attackers to execute arbitrary commands.
The vulnerability of the Craft CMS content management system is related to the use of a signal processor for non-interactive functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the Grafana monitoring and surveillance platform lies in the unauthorized access to the account after the token has expired, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the Grafana monitoring and observation platform relates to incorrect access to the account after the token’s expiration period. Exploiting this vulnerability could allow an attacker who operates remotely to gain unauthorized access to protected information...
The vulnerability of the Annotations API interface of the Grafana monitoring and observation platform allows a perpetrator to gain access to read, modify, or delete data.
The vulnerability of the Annotations API interface of the Grafana monitoring and observation platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data...
The vulnerability of the Auth Proxy function on the Grafana monitoring and observation platform allows a hacker to bypass security restrictions.
The vulnerability of the Auth Proxy function of the Grafana monitoring and observability platform relates to the default use of addresses with a mask of /32 when using a list of allowed IP addresses. Exploiting this vulnerability could allow an attacker to bypass security restrictions remotely...
The vulnerability in the web interface of the operating system PAN-OS for Ethernet interfaces of the PA-Series and VM-Series series allows attackers to carry out cross-site scripting attacks.
The vulnerability of the PAN-OS operating system’s web interfaces for PA-Series and VM-Series series network interfaces is related to the lack of measures taken to protect the structure of the web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attack...
The vulnerability of the Chromoting remote administration tool, which is available for Google Chrome and Microsoft Edge browsers, allows a hacker to escalate their privileges.
The vulnerability of the Chromoting remote administration tool, which is available for Google Chrome and Microsoft Edge browsers, is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to increase their privileges by...
The vulnerability of WebRTC technology in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of WebRTC technology in Google Chrome and Microsoft Edge relates to memory boundary violation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...
The vulnerability of the File System Access API interface in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the File System Access API interface in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...
The vulnerability in the set of tools for web development, DevTools, available in Google Chrome and Microsoft Edge browsers, allows a hacker to bypass existing security mechanisms.
The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to bypass existing security mechanisms through a specially created HTML page...
The vulnerability of the Blink rendering module in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code.
The vulnerability of the Blink rendering module in Google Chrome and Microsoft Edge browsers is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...
The vulnerability of the Opaque Response Blocking mechanism in browsers Google Chrome and Microsoft Edge allows attackers to bypass existing security mechanisms.
The vulnerability of the Opaque Response Blocking ORB mechanism in Google Chrome and Microsoft Edge is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML page...
The vulnerability of the Omnibox address bars in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the Omnibox address bars in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the improper handling of logical operations, allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the improper handling of logical operations. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows attackers to compromise the integrity of the protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability allows an attacker to remotely compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from a violation of access control checks, allowing attackers to compromise the integrity of the protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to a violation of access control checking procedures. Exploiting this vulnerability allows an attacker operating remotely to compromise the integrity of the protected information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using an alternative path or channel. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected...
The vulnerability of the ConvertCbYCrYToRGB() function in the OpenImageIO library, which allows a hacker to trigger a service failure.
The vulnerability of the ConvertCbYCrYToRGB function in the OpenImageIO library is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Grafana monitoring and observation platform’s plugin allows a hacker to trigger a service failure.
The vulnerability of the Grafana monitoring and observation platform’s plugin is related to the unlimited distribution of resources when processing requests to the endpoint. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the sqlExpressions() function on the Grafana monitoring and observation platform allows a hacker to read arbitrary files.
The vulnerability of the sqlExpressions function on the Grafana monitoring and observation platform relates to the use of files and directories accessible from external parties. Exploiting this vulnerability could allow a malicious actor to read arbitrary files...
The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in the certificate validation process. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access ...
The vulnerability of the Shared Storage API interface of Google Chrome and Microsoft Edge allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Shared Storage API interface in Google Chrome and Microsoft Edge is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...
The vulnerability of the Media components in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the Media component in Google Chrome and Microsoft Edge relates to memory-related issues. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially crafted HTML page...
The vulnerability of the Canvas component in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.
The vulnerability of the Canvas component in Google Chrome and Microsoft Edge relates to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML page...
The vulnerability of the graphics processors in Google Chrome and Microsoft Edge allows a hacker to gain unauthorized access to protected information.
The vulnerability of Google Chrome and Microsoft Edge web browsers relates to the use of uninitialized variables. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HTML page...
The vulnerability of the Dawn component in browsers Google Chrome and Microsoft Edge allows a hacker to bypass existing security measures.
The vulnerability of the Dawn component in Google Chrome and Microsoft Edge relates to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML page...
The vulnerability of the node-tar library on the Node.js software platform allows attackers to gain unauthorized access to protected information.
The vulnerability of the node-tar library in the Node.js software platform is related to an incorrect limitation on the path name for the restricted-access directory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the iLBC audio codec in the Wireshark computer network traffic analyzer allows a hacker to cause a service failure.
The vulnerability of the iLBC audio codec used by Wireshark, a network traffic analyzer, is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow attackers to cause system failures...
The vulnerability of the SDP protocol analyzer in Wireshark allows a hacker to cause a service failure.
The vulnerability of the SDP protocol analyzer in Wireshark’s computer network traffic analysis tool is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the XRDP server, related to buffer overflows in dynamic memory, allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the XRDP server is related to overflow in the buffer of dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure or execute arbitrary code...